Hello, we would like to implement new vendor specific capabilities under IKEv2. This capability requires argument passing. These arguments should be protected (encrypted and signed).
We were wondering what was the cleanest way to do this. What seemed the most logical is

1- negotiating capability in message 1/2 via a Vendor-ID payload
2- if both peers support capability, exchange parameters via Notify Payloads in message 3/4 or later

We were considering using configuration attributes instead of Notify Payload but we are not sure this is an adequate message type.

Can someone give us some advice?

thanks,

Frederic Detienne

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
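The two-step flow proposed in the message above, sketched as an added example (not part of the original post and not any vendor's implementation): the capability parameters are accepted only if the peer advertised the Vendor ID in message 1/2. The Vendor ID value, the notify type 40961 and the sample messages are constructed placeholders; the payload type numbers and the private-use status range come from RFC 7296. It assumes the message 3/4 buffer is the already decrypted and integrity-checked content of the Encrypted payload.

```python
import struct

NONCE, NOTIFY, VENDOR_ID = 40, 41, 43      # RFC 7296 payload type numbers
CAP_VID = b"example-vendor-capability-v1"  # constructed Vendor ID value
CAP_NOTIFY = 40961                         # constructed; private-use status range is 40960-65535

def payload(next_type, body):
    """Prefix body with the generic payload header (next type, flags, total length)."""
    return struct.pack("!BBH", next_type, 0, 4 + len(body)) + body

def notify_body(msg_type, data):
    """Notify body with Protocol ID 0 and SPI size 0 (no SPI present)."""
    return struct.pack("!BBH", 0, 0, msg_type) + data

def walk(first_type, buf):
    """Yield (payload_type, body) for each payload in a chain, validating lengths."""
    ptype, off = first_type, 0
    while ptype != 0:
        if off + 4 > len(buf):
            raise ValueError("truncated payload header")
        nxt, _flags, length = struct.unpack_from("!BBH", buf, off)
        if length < 4 or off + length > len(buf):
            raise ValueError("bad payload length")
        yield ptype, buf[off + 4:off + length]
        ptype, off = nxt, off + length

def peer_supports(first_type, init_buf):
    """Step 1: did the peer send our Vendor ID in message 1/2?"""
    return any(t == VENDOR_ID and b == CAP_VID for t, b in walk(first_type, init_buf))

def capability_params(supported, first_type, decrypted_buf):
    """Step 2: collect capability parameters from the decrypted message 3/4 payloads."""
    if not supported:
        return []  # capability was not negotiated: ignore the notify
    out = []
    for ptype, body in walk(first_type, decrypted_buf):
        if ptype != NOTIFY:
            continue
        if len(body) < 4:
            raise ValueError("short Notify payload")
        _proto, spi_size, mtype = struct.unpack_from("!BBH", body)
        if mtype == CAP_NOTIFY:
            out.append(body[4 + spi_size:])
    return out

# Constructed sample messages (payload chains only, IKE header omitted)
MSG2 = payload(VENDOR_ID, b"\x11" * 16) + payload(0, CAP_VID)  # Nonce, then Vendor ID
MSG4 = payload(0, notify_body(CAP_NOTIFY, b"mode=1"))          # a single Notify
```
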